Diffstat (limited to 'wp-admin/admin-ajax.php')
| -rw-r--r-- | wp-admin/admin-ajax.php | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php
index aef321f..b2049e6 100644
--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@@ -13,9 +13,14 @@ if ( isset($_GET['action']) && 'ajax-tag-search' == $_GET['action'] ) {
 $s = $_GET['q']; // is this slashed already?
- if ( strstr( $s, ',' ) )
- die; // it's a multiple tag insert, we won't find anything
- $results = $wpdb->get_col( $wpdb->prepare("SELECT name FROM $wpdb->terms WHERE name LIKE (%s)", '%' . $s . '%') );
+ if ( strstr( $s, ',' ) ) {
+ $s = explode( ',', $s );
+ $s = $s[count( $s ) - 1];
+ }
+ $s = trim( $s );
+ if ( strlen( $s ) < 2 )
+ die; // require 2 chars for matching
+ $results = $wpdb->get_col( "SELECT name FROM $wpdb->terms WHERE name LIKE ('%". $s . "%')" );
 echo join( $results, "\n" );
 die;
 } |
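Review bot: The added `get_col()` call concatenates `$s`, taken directly from `$_GET['q']`, into the SQL string and drops the `$wpdb->prepare()` placeholder the old line used, so the query is safe only if the request data is already escaped, which the `// is this slashed already?` comment on the context line leaves open. `explode()` and `trim()` do not neutralise quotes, so they add no protection here. I would keep the parameterised form, `$results = $wpdb->get_col( $wpdb->prepare( "SELECT name FROM $wpdb->terms WHERE name LIKE (%s)", '%' . $s . '%' ) );`, and if double escaping was the reason for dropping it, apply `stripslashes()` to `$s` before the call instead. LIKE wildcards (`%`, `_`) in the search term also pass through unescaped, so a two-character term made of wildcards matches every row. The enclosing `if` block starts above the hunk.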
